Remarks 



Claims 1-39 are pending in this application. Reconsideration and allowance in 
view of the above amendments and the following remarks are respectfully requested. 
These amendments are being made to facilitate early allowance of the presently 
claimed subject matter. Applicants do not acquiesce in the correctness of the 
objections and rejections and reserve the right to pursue the full scope of the subject 
matter of the original claims in a subsequent patent application that claims priority to the 
instant application. 

Claim 1-39 are rejected under 35 U.S.C. 102(b) over Levergood et al. (U.S. 
Patent No.: 5,708,780), hereafter "Levergood." This rejection is defective because 
Levergood does not disclose each and every feature set forth in the claims as required 
by 35 U.S.C. 102(b). 

Claim 1 recites: 

"A method for protecting a distributed application user, comprising: 

providing a distributed application on a server; 

determining a security value for an authenticated user of the 
distributed application; 

associating the security value with a set of commands of the 
distributed application, wherein each command comprises a command 
that can be used in a malicious attack against the authenticated user; 

receiving one of the set of commands on the server from the 
authenticated user; 

checking the one command for the security value to determine if 
the one command originated from the authenticated user; 

preventing execution of the one command if the security value is 
not found with the one command; and 

returning an error message to the authenticated user if the security 
value is not found with the one command, wherein the error message 
prompts the authenticated user for confirmation before the one command 
can be executed." 
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Levergood fails to disclose, among other features, "associating the security 
value with a set of commands of the distributed application, wherein each command 
comprises a command that can be used in a malicious attack against the 
authenticated user," receiving one of the set of commands on the server from the 
authenticated user," "checking the one command for the security value to determine if 
the one command originated from the authenticated user," "preventing execution of the 
one command if the security value is not found with the one command," and "returning 
an error message to the authenticated user if the security value is not found with the 
one command, wherein the error message prompts the authenticated user for 
confirmation before the one command can be executed." On the contrary, 
Levergood's SID is associated with, and is used to provide selective access to, a 
"controlled page" (see, e.g., column 5, lines 17-65, FIG. 2A). Levergood's SID is not 
used to control the execution of commands, which can be used in a malicious attack, 
as in the present invention. 

Accordingly, Applicants submit that independent claim 1, and associated 
dependent claims 2-10, are allowable. Further, Applicants submit that independent 
claims 11 (and associated dependent claims 12-17), 18 (and associated dependent 
claims 19-28), and 29 (and associated dependent claims 30-39) are allowable for 
reasons similar to those set forth above with regard to independent claim 1 . 

Applicants submit that each of the pending claims is patentable for one or more 
additional unique features. To this extent, Applicants do not acquiesce to the 
Examiner's interpretation of the claimed subject matter or the references used in 
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rejecting the claimed subject matter. These features have not been separately 

addressed herein for brevity. However, Applicants reserve the right to present such 

arguments in a later response should one be necessary. 

In light of the above, Applicants respectfully submit that all claims are in condition 

for allowance. Should the Examiner require anything further to place the application in 

better condition for allowance, the Examiner is invited to contact Applicants' 

undersigned representative at the number listed below. 

Respectfully submitted, 

/ John A. Merecki / 

Date: December 3, 2007 John A. Merecki 

Reg. No.: 35,812 

Hoffman, Warnick & D'Alessandro LLC 
75 State Street, 14 th Floor 
Albany, New York 12207 
(518)449-0044 
(518)449-0047 (fax) 
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